Google moves to counter Android malware

Trent Nouveau, 7th March 2011

Google security experts have removed a number of malicious apps recently published in the Android Market.

According to Android Security Lead Rich Cannings, the rogue apps were axed "within minutes" of being positively identified.

"The applications took advantage of known vulnerabilities which don't affect Android versions 2.2.2 or higher.

"For affected devices, we believe that the only information the attacker(s) were able to gather was device-specific - IMEI/IMSI, unique codes which are used to identify mobile devices, and the version of Android running on your device.

"But given the nature of the exploits, the attackers could access other data, which is why we've taken a number of steps to protect those who downloaded a malicious application."

The above-mentioned steps include:

Removing the malicious applications from Android Market, suspending the associated developer accounts, and contacting law enforcement about the attack.

Remotely removing the malicious applications from affected devices.

Pushing an Android Market security update to all affected devices that undoes the exploits to prevent the attackers from accessing any more information from affected devices.

Adding a number of measures to help prevent additional malicious apps using similar exploits from being distributed through Android Market and working with partners to provide the fix for underlying security issues.